omakasekim/VMHunt


VMHunt: Extraction and Simplification of Virtualized Binary Code

VMHunt is a set of tools for analyzing virtualized binary code. Currently only 32-bit traces are supported.

Prerequisites

  1. Pin tools from Intel. Versions 2.13 and 3.2 were tested, but other versions probably work as well.
  2. g++ compiler (version 6.0 or above).

How to compile and install

  1. Compile the tracer: run make PIN_ROOT=PinDirectory TARGET=ia32 $* in the tracer directory, replacing PinDirectory with the path of your Pin installation.
  2. Compile VMHunt: run make in the project root directory.

How to use

  1. Use the tracer to record an execution trace of the target program.
    pin -t tracer/obj-ia32/instracelog.so -- yourprogram
  2. Extract the virtualized snippet from the trace.
    ./vmextract tracefile
  3. Backward-slice the trace.
    ./slicer tracefile
  4. Run MG symbolic execution on the sliced trace.
    ./mgse tracefile
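Because VMHunt only handles 32-bit traces, the wrapper below (an added example, not part of the VMHunt project) checks the ELF class of the target before running the four steps above in order. It assumes pin is on PATH, that it is run from the project root so the README's relative tool paths resolve, and that the trace file name passed as the second argument is the one instracelog.so writes (the README does not state how the tracer names its output, so this is an assumption).

```shell
#!/bin/sh
# Added example, not VMHunt's own code: gate the README pipeline on the target
# being a 32-bit ELF, since VMHunt does not support 64-bit traces.

# elf_class FILE -> prints "32", "64" or "none".
# The first four bytes must be 0x7f 'E' 'L' 'F'; byte 4 (EI_CLASS) is
# 1 for ELF32 and 2 for ELF64. Anything else (or an unreadable file) is "none".
elf_class() {
    ident=$(od -An -tx1 -N5 "$1" 2>/dev/null | tr -d ' \n')
    case "$ident" in
        7f454c4601) echo 32 ;;
        7f454c4602) echo 64 ;;
        *)          echo none ;;
    esac
}

# vmhunt_pipeline PROGRAM TRACEFILE
# Refuses non-32-bit targets, then runs: trace -> vmextract -> slicer -> mgse.
# TRACEFILE is assumed to be the trace the Pin tool writes for PROGRAM.
vmhunt_pipeline() {
    prog=$1
    trace=$2
    cls=$(elf_class "$prog")
    if [ "$cls" != 32 ]; then
        echo "refusing '$prog': ELF class is '$cls', VMHunt needs a 32-bit target" >&2
        return 1
    fi
    # Each step is one of the README's commands; stop at the first failure.
    pin -t tracer/obj-ia32/instracelog.so -- "$prog" || return 1
    ./vmextract "$trace" || return 1
    ./slicer "$trace"    || return 1
    ./mgse "$trace"      || return 1
}

# Usage: ./run_vmhunt.sh ./target trace.log
if [ $# -ge 2 ]; then
    vmhunt_pipeline "$1" "$2"
fi
```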
